I know a little bit about programming. I wanted to know if there was a way to get a message box pop up every time someone plugs in a usb drive saying something like "is this an approved device?" . I was wondering if there was a way to insert this in a registry entry or something? Or maybe you have an idea on how to do this.
You can detect USB device inserts using the Win32_DeviceChangeEvent WMI event. There are other ways, like WM_DEVICECHANGE, but PowerShell already knowns how to handle WMI Events.
$query = "SELECT * FROM Win32_DeviceChangeEvent WHERE EventType = 2"
Register-WMIEvent -Query $query -Action { Write-Host "A device has been inserted"}
Source: here and here
Showing GUI messages could be done using WPF or WinForms.
Add-Type -AssemblyName System.Windows.Forms
[System.Windows.Forms.MessageBox]::Show('Message', 'Title')
Source: here and here
Related
I accidently did this command in powershell windows 10 and my mouse buttons are swapped.
rundll32.exe user32.dll,SwapMouseButton
How to fix it?
I was testing this command like in a youtube shorts. But I don't know how to fix it.
SwapMouseButton is a native Windows API function that can be called from PowerShell using P/Invoke.
Add the P/Invoke definition using Add-Type and then call the API function, passing $false to revert to normal mouse button behavior:
# Add the P/Invoke API definition
$api = Add-Type -PassThru -Namespace Win32 -Name Win32SwapMouseButton -MemberDefinition #'
[DllImport("user32.dll")]
public static extern bool SwapMouseButton(bool fSwap);
'#
# Call the API to restore normal mouse button behavior
$api::SwapMouseButton($false)
Likewise, you can pass $true to swap mouse buttons again, without having to resort to the rundll32 hack.
I've been beating my head against a wall for hours trying to figure out how to use either of these message box options to prompt the logged in user for a reboot after a scripted task in PowerShell. The code I am using below for each option. If I omit the last two values, the box seems to come up fine unless the script is started by a system account.
I found the "MessageBoxOptions" functionality which appears to be what I want. However I keep getting stuck on the MessageBoxResult and MessageBoxDefaultButton (Forms) values which appear to be required when using in PowerShell. No matter what I specify here, the box is never displayed. It's like it is setting the users option for them. For the life of me I can't get this command to complete using MessageBoxOptions and trying to omit MessageBoxResult and MessageBoxDefaultButton (Forms).
Ps.. If there is any way for this box to timeout if no option is selected after x period of time, that would be great. I am not a developer, just a sys admin using PowerShell.
https://learn.microsoft.com/en-us/dotnet/api/system.windows.messagebox.show?view=windowsdesktop-6.0#system-windows-messagebox-show(system-string-system-string-system-windows-messageboxbutton-system-windows-messageboximage-system-windows-messageboxresult-system-windows-messageboxoptions)
https://learn.microsoft.com/en-us/dotnet/api/system.windows.forms.messagebox?redirectedfrom=MSDN&view=windowsdesktop-6.0
Add-Type -AssemblyName PresentationFramework
$msgBoxInput = [System.Windows.MessageBox]::Show('Software has been deployed to your computer by CompanyName IT, please reboot to complete. Select "Yes" to reboot now. Or if you want to reboot yourself later, select "No".','CompanyName IT','YesNo','Information','none','ServiceNotification')
Add-Type -AssemblyName System.Windows.Forms
$msgBoxInput = [System.Windows.Forms.MessageBox]::Show('Software has been deployed to your computer by CompanyName IT, please reboot to complete. Select "Yes" to reboot now. Or if you want to reboot yourself later, select "No".','CompanyName IT','YesNo','Information','Button1','ServiceNotification')
I am using PowerShell to copy sensitive information to the Windows clipboard.
Since Windows 10 Vs. 1809 we have the enhanced clipboard with a history function. I don't want to have my sensitive information in the history.
The Set-Clipboard cmdlet doesn't have any helpful parameters. Even in C# I doesn't seem to have an easy way to do this.
It turns out you can access the Universal Windows Platform (UWP) APIs directly in PowerShell:
Function Set-ClipboardWithoutHistory([string]$Value)
{
[int]$RequestedOperationCopy = 1
$null = [Windows.ApplicationModel.DataTransfer.DataPackage,Windows.ApplicationModel.DataTransfer,ContentType=WindowsRuntime]
$null = [Windows.ApplicationModel.DataTransfer.ClipboardContentOptions,Windows.ApplicationModel.DataTransfer,ContentType=WindowsRuntime]
$null = [Windows.ApplicationModel.DataTransfer.Clipboard,Windows.ApplicationModel.DataTransfer,ContentType=WindowsRuntime]
$dataPackage = [Windows.ApplicationModel.DataTransfer.DataPackage]::new()
$cOptions = [Windows.ApplicationModel.DataTransfer.ClipboardContentOptions]::new()
$cOptions.IsAllowedInHistory = $false
$cOptions.IsRoamable = $false
$dataPackage.RequestedOperation = $RequestedOperationCopy
$dataPackage.SetText($Value)
[Windows.ApplicationModel.DataTransfer.Clipboard]::SetContentWithOptions($dataPackage, $cOptions) | Out-Null
}
As of December 2019, PowerShell is still not able to naively prevent adding a new clipboard item to the clipboard history.
The APIs to do this are available for the Universal Windows Platform (UWP).
During 2019 Microsoft made it much easier to access certain APIs in UWP from Windows Desktop Apps, and as it turns out from PowerShell.
So I wrote a small .Net assembly that I can use in PowerShell to prevent the usage of the history feature when copying text to the Windows clipboard.
The trick is to use:
Microsoft.Windows.SDK.Contracts
to access the UWP APIs, then use:
using uwp = Windows.ApplicationModel.DataTransfer;
uwp.DataPackage dataPackage = new uwp.DataPackage { RequestedOperation = uwp.DataPackageOperation.Copy };
dataPackage.SetText("text to copy");
uwp.Clipboard.SetContentWithOptions(dataPackage, new uwp.ClipboardContentOptions() { IsAllowedInHistory = false, IsRoamable = false });
uwp.Clipboard.Flush();
Is there a way to send keystrokes to a specific window using PowerShell ?
Right now I'm opening an IE window.
Then, by calling the link, a download window is opening.
I'm sending an ALT+TAB to switch in the download window, and LEFT+ENTER to confirm the download.
Is there a way to send this LEFT+ENTER to a specific window without having focus on it?
My code looks like that:
$ie=new-object -com internetexplorer.application
$ie.navigate2($url)
$ie.visible=$true
while($ie.busy) {Start-Sleep 1}
start-sleep -seconds 1
[System.Windows.Forms.SendKeys]::SendWait("%{TAB}")
start-sleep -seconds 1
[System.Windows.Forms.SendKeys]::SendWait("{LEFT}")
[System.Windows.Forms.SendKeys]::SendWait("{ENTER}")
I want to send the keystrokes to a specific window to make sure the download window gets the keystrokes even if the focus isn't on it.
I know sending keystrokes isn't the best way to download the file, but I've also tried this:
$webclient = New-Object System.Net.WebClient
$webclient.Credentials = New-Object System.Net.Networkcredential($user, $password)
$webclient.DownloadFile($urlWeb,$path)
I always get an 403 Error and haven't found a solution yet to solve this problem...
I'm not really a fan of SendKeys cause it almost always fail. If I use the provided link, I'm able to download the file with this Powershell code:
$userAgent = "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1"
$target = "http://download.thinkbroadband.com/5MB.zip"
$folder = "C:\TEMP\5MB.zip"
$web = New-Object System.Net.WebClient
$web.Headers.Add("user-agent", $userAgent)
$web.DownloadFile($target, $folder)
You might also need to add network credentials.
I need to create a WDM driver that emulates a device that is not present. The driver needs to be loaded when the O/S boots, opened and closed via SetupDiXXX and CreateFile, needs to respond to DeviceIoControl, etc.
I have the driver coded, but XP refuses to load it. The system event viewer says:
The MyDevice service failed to
start due to the following error: The
service cannot be started, either
because it is disabled or because it
has no enabled devices associated with
it.
Given that, I think the problem is in the INF file (reference below). Is it? How should I go about fixing it?
;; MyDevice.inf
[Version]
Signature="$Windows 95$"
Class=MyDeviceDeviceClass
ClassGUID={ff646f80-8def-11d2-9449-00105a075f6b}
Provider=%ProviderName%
DriverVer= 12/21/2009,1.0.0.1
[ClassInstall32]
Addreg=Class_AddReg
[Class_AddReg]
HKR,,,,%DeviceClassName%
HKR,,Icon,,"-18"
[DestinationDirs]
MyDevice_Files_Driver = 10,System32\Drivers
[Manufacturer]
%MfgName%=Mfg0
[Mfg0]
%DeviceDesc%=MyDevice_DDI, *MyDevice
[MyDevice_DDI]
CopyFiles=MyDevice_Files_Driver
AddReg=MyDevice_9X_AddReg
[MyDevice_DDI.NT]
CopyFiles=MyDevice_Files_Driver
AddReg=MyDevice_NT_AddReg
[MyDevice_DDI.NT.Services]
Addservice = MyDevice, 0x00000002, MyDevice_AddService
[MyDevice_AddService]
DisplayName = %SvcDesc%
ServiceType = 1
StartType = 3
ErrorControl = 1
ServiceBinary = %10%\System32\Drivers\MyDevice.sys
[MyDevice_NT_AddReg]
HKLM, "System\CurrentControlSet\Services\MyDevice\Parameters","BreakOnEntry", 0x00010001, 0
[MyDevice_Files_Driver]
MyDevice.sys
[Strings]
ProviderName="Acme"
MfgName="Acme"
DeviceDesc="Acme"
DeviceClassName="Device class for MyDevice"
SvcDesc="MyDevice NT service"
Self answered:
I changed the INF to include the following:
[Mfg0]
%DeviceDesc%=MyDevice_DDI, *MyDevice\ipm1
The "\ipm1" is new, and a little voodoo in my eyes. I got it from an example in Chris Cant's "Writing Windows WDM Device Drvers".
The big change is using the "Add New Hardware" wizard from the control panel to install the driver. Right-click installing the INF is not enough. I suspect the reason is that it invokes the PnP manager which correctly fails to find hardware for the driver to control.